Pages

Thursday, 1 October 2015

Apple Close 147 Vulnerabilities In OS X, iOS And Safari

Apple yesterday updates to Mac OS X, iOS and Safari released, which fix 147 vulnerabilities added. The biggest update was for Mac OS X. OS X El Capitan (OS X 10:11) Apple also has many new features in addition to fixed 101 vulnerabilities.

Through the vulnerabilities an attacker could execute arbitrary code in the worst case. Also, it appeared to be possible to gain access to keychain items and Safari users to follow as they were using private-browsing. Furthermore, an attacker could intercept via a man-in-the-middle SSL / TLS connections, decrypt SSL traffic and determine RSA private keys.

It is now no longer possible to flash the firmware with a malignant Ethernet Apple Thunderbolt adapter. In addition, it appeared that the "Secure Empty Trash" option to permanently delete files, deleted files are not always permanent. A list of all solved problems on the website of Apple to find. The new OS X version can be downloaded via the Mac App Store and Apple.com.

IOS

Yesterday released a new version of iOS. IOS 9.0.2 fixes a vulnerability allowing someone with physical access to the device photos and contacts could approach, even though the screen lock was active. Due to a problem with the lock screen could these data and files are still accessed. Apple has solved this by limiting the options available on a locked device. The update can be downloaded via iTunes and the Software Update feature.

Safari

In Safari 9 for OS X Mavericks, OS X Yosemite and El Capitan OS X, Apple has fixed 45 vulnerabilities. Through the vulnerabilities an attacker could determine the browsing history of users and Safari Extensions replaced. Due to a problem with the Safe Browsing option users were not warned when they visited a known malicious website. In the worst case, an attacker could execute when visiting a hacked or malicious website arbitrary code on the system. Safari 9 can be downloaded via the Mac App Store.